EME is the bridge between a JavaScript video player and the operating-system or browser-provided DRM CDM (Content Decryption Module). The player creates a MediaKeys object for a chosen key system (com.widevine.alpha, com.microsoft.playready, com.apple.fps), generates a MediaKeySession, hands the session the PSSH initialisation data from the encrypted media, gets a license-request message in return, sends that message to the license server, and feeds the license response back to the session. Once the session is licensed, the player can append encrypted media to MSE and the CDM decrypts it transparently for the decoder.
EME standardised what before 2014 was a per-vendor proprietary API. With EME, the same player code can talk to Widevine in Chrome, PlayReady in Edge, FairPlay in Safari, and Widevine on Android — just by negotiating the key system. The player still needs platform-specific license-server URLs and request formats, but the API surface is identical. Shaka Player and hls.js both use EME for all DRM playback.
EME has been controversial. Mozilla resisted shipping it in Firefox, EFF criticised it as DRM in a web standard, but by 2017 every major browser supported it because every commercial OTT service required it. By 2026 EME is a settled standard — the controversy is over and the API is invisible to viewers. Compatibility issues arise mostly around key system version mismatches (Widevine L1 vs L3, FairPlay version differences across iOS versions) which the player must handle.
